A group of hackers is fighting back against online scammers by targeting “scam” companies with ransomware and denial of service attacks.
A new ransomware called Milkman Victory was recently discovered online and the hackers behind it, who call themselves CyberWare, revealed that they created it specifically to send to scammers. In these scams, victims are told that they will receive a loan after making a payment to a company but in reality there is no loan and no way for them to get their money back.
This isn’t the first time we’ve seen hackers targeting other target groups back in March of this year, Cybereason discovered that hackers were modifying existing hacking tools by injecting a powerful remote-access Trojan into them.
As part of its new campaign against scammers, CyberWare is sending phising emails containing links to executables disguised as PDF files. The group is also conducting denial of service attacks to bring down scam company’s websites.
The MilkmanVictory ransomware is being distributed as a destructive wiper attack as it does not provide victims with a way to contact the attackers and does not save the encryption key. Instead victims receive a ransom note on their computers which reads: “Hello!, This computer has been destroyed with the MilkmanVictory Ransomware because we know you are a scammer! – CyberWare Hackers :-)”.
Apparently the new ransomware is based on hidden tear and because of this, if a key is not saved, it can still be decrypted using brute force attacks.